>assume that it means that someone can launch this attack while wardriving, which they cant.

As a former wardriver (¡WEPlol!), it only makes this more difficult. In my US city every home/business has a fiber/copper switch, usually outside. A screw-driver and you're in.

Granted, this now becomes a physical attack (only for initial access) — but still viable.

----

>the next step is to put [AirSnitch] into historical context and assess how big a threat it poses in the real world. In some respects, it resembles the 2007 PTW attack ... that completely and immediately broke WEP, leaving Wi-Fi users everywhere with no means to protect themselves against nearby adversaries. For now, client isolation is similarly defeated—almost completely and overnight—with no immediate remedy available.

----

I think the article's main point is that so many places have similarly-such-unsecured plug-in points. Perhaps even a user was authorized for one WiFi network segment, and is already "in" — bless this digital mess!

▲

tmp10423288442 2 hours ago | parent | next [-]

You have a modem that you can attach to those switches? They’re completely unauthenticated?

	▲	ProllyInfamous an hour ago \| parent [-]
		Both, yes. Physical hardware isolation. ---- As a funny personal anecdote, my brother is a state judge. His most personal thoughts & correspondances are crafted upon typewriters (mine as well). He isn't officially allowed to just use any phone/computer/network. He is a "high value target" [0], My personal attorney still doesn't use "the cloud" for client documents (which is respectable) — has local servers, mostly offline. No typewriter, though =P ---- I'm just an electrician. [0] Does it bother anybody else that Pam Bondi has reports specifically of which documents each congressman reviewed (photographed by AP, during recent testimony)?

▲

3 hours ago | parent | prev [-]

[deleted]